Russian Sandworm hackers pose as Ukrainian telcos to drop malware

The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware.

Sandworm is a state-backed threat actor attributed by the US government as part of the Russian GRU foreign military intelligence service.

The APT hacking group is believed to have been behind numerous attacks this year, including an attack on Ukrainian energy infrastructure and the deployment of a persistent botnet called “Cyclops Blink.”

Read more…
Source: Bleeping Computer